• DocumentCode
    892940
  • Title

    The Contemporary Software Security Landscape

  • Author

    Ahmad, David

  • Author_Institution
    Bombardier Aerosp., Dorval
  • Volume
    5
  • Issue
    3
  • fYear
    2007
  • Firstpage
    75
  • Lastpage
    77
  • Abstract
    Microsoft´s release of Windows Vista marks the arrival of a new era for software security. Fundamental changes have gradually occurred, bringing us to a point now where the threat landscape no longer resembles what it was just a few years ago. Vista´s release is ideal to consider as a culmination point; it´s from here that software attack strategies will move into new directions. In this article, the author examines some of these new directions, as well as some of the changes related to Vista that most encapsulate the current threat landscape for software security. Eight characterirstics most strongly define the new software security threat landscape. Let´s take a look at them: actualization of Web vulnerability threats; advances in code analysis; more advanced techniques; client-side vulnerabilities; remote exploitation; targeted attacks; sale of vulnerability information; and anti-exploitation technology.
  • Keywords
    Internet; operating system kernels; security of data; Web vulnerability threat; Windows Vista; antiexploitation technology; client-side vulnerabilities; code analysis; remote exploitation; software attack strategy; software security; targeted attacks; threat landscape; vulnerability information sale; Buffer overflow; Computer security; Graph theory; Information security; Network address translation; Privacy; Runtime; Visualization; World Wide Web; Writing; Vista; attack; kernel; security; software; vulnerabilities;
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    ieee
  • ISSN
    1540-7993
  • Type

    jour

  • DOI
    10.1109/MSP.2007.73
  • Filename
    4218558
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=892940